installation with encryption: erasing does nothing

Bug #1285247 reported by Patrik Nilsson on 2014-02-26
This bug affects 4 people
Affects Status Importance Assigned to Milestone
ubiquity (Ubuntu)
Dimitri John Ledkov

Bug Description

"Overwriting empty disk space" when installing with encryption ("encrypt the new Ubuntu GNOME installation for security" and "Use LVM with the new Ubuntu GNOME installation" checked) does nothing.

The same option installing Debian 7.4 takes 24h on the same computer.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: ubiquity (not installed)
ProcVersionSignature: Ubuntu 3.13.0-12.32-generic 3.13.4
Uname: Linux 3.13.0-12-generic i686
NonfreeKernelModules: wl
ApportVersion: 2.13.2-0ubuntu5
Architecture: i386
CurrentDesktop: GNOME
Date: Wed Feb 26 17:43:05 2014
InstallCmdLine: file=/cdrom/preseed/ubuntu-gnome.seed boot=casper initrd=/casper/initrd.lz quiet splash -- maybe-ubiquity
InstallationDate: Installed on 2014-02-26 (0 days ago)
InstallationMedia: Ubuntu-GNOME 14.04 "Trusty Tahr" - Alpha i386 (20140226)
SourcePackage: ubiquity
UpgradeStatus: No upgrade log present (probably fresh install)

information type: Private Security → Public Security
Changed in ubiquity (Ubuntu):
status: New → Confirmed
assignee: nobody → Dimitri John Ledkov (xnox)

It renders essential features or functionality of the package (or a dependent one) broken.

Changed in ubiquity (Ubuntu):
importance: Undecided → High

Just to make sure we don't introduce another security issue: Erasing actually means randomizing content.

In command-line words:

dd if=/dev/urandom of=/dev/sdx

and make sure /dev/urandom is working during installation.

SamInside (sam-inside-89) wrote :

Hrmmmm... This exists since 2014 !!??
And it's not solved yet (2016)?

Please also see:

@Patrik: better yet is to use "shred", it's faster than urandom.

To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers